Domov technika Ethernet switch

Ethernet switch



Concept

Theswitchinghub,whichcameoutin1990,cansignificantlyimprovetheperformanceofthelocalareanetwork.SwitchinghubsareoftencalledEthernetswitchesorLayer2switches(indicatingthatthisswitchworksatthedatalinklayer).

Itshouldbenotedthatthe"Ethernetswitch"referredtoherereferstoaswitchwithatransmissionbandwidthbelow100Mbps.Belowwewillalsotalkabouta"FastEthernetswitch","Gigabit"Ethernetswitch"and"10GigabitEthernetswitch"areactuallyEthernetswitches,buttheyusedifferentprotocolstandardsortransmissionmedia,andofcoursetheirinterfaceformsmayalsobedifferent.

Keytechnology

(1)VLANtechnology

WiththehelpofVLANtechnology,maliciousattacksonbroadcastdatacanbeeffectivelyavoided.ThemainreasonformaliciousattacksonbroadcastdataisEthernet.Theconflictdomainofthenetworkswitchisinconsistentwiththebroadcastdomain.Inthiscase,VLANtechnology,thatis,localareanetworktechnology,canbeusedtosolvethisproblembylimitingthescopeofthebroadcastdomain.Localareanetworktechnologycaneffectivelyseparatetraffic,makebetteruseofbandwidth,andlogicallydividetheactualLANinfrastructureintomultiplesubnets.Theactualapplicationoflocalareanetworktechnologycannotonlysolvetheproblemofbroadcastmaliciousattacks,butalsoeffectivelyenhancenetworksecurity.Notonlythat,theuseofVLANtechnologycaneffectivelyreducethecostofmovementandchange.Inthecaseofphysicaldivisionofsubnets,userscanbecompletedquicklyChange,thetimerequiredisshorter.However,VLANtechnologyalsohascertainproblemsinactualuse,suchasinterfaceproblemsandlabelintroductionproblems.

(2)Informationflowpriority

Intheprocessofdatatransmission,multimediadataandordinarydataaretransmittedindifferentways,andmultimediadatahasagreaterimpactontheperformanceofthenetworkduringthetransmissionprocess.Highrequirements,ifyouwanttoimprovetheperformanceofmultimediadatatransmission,youcanachievetransmissionthroughinformationflowprioritytechnology.Therearetwocommonlyusedmethodsforinformationflowassignmentpriority.Theyare:thefirstoneistousetheswitchtoconfirmtheinputinformationflow,thenclassifytheinformationflowandassignthecorrespondingpriority.Thegeneralthree-layerEthernetswitchcanbeimplemented.Thisway.Theotheristousetheterminaltoassignaprioritytothedataframeandplacethedataframeinthecorrespondingpriorityqueuetorealizeforwardingaccordingtothepriority.Inthesecondway,allswitchesonthepathbetweenthesourceandthedestinationcanrecognizethepriorityflags.Therearetwoorganizationsdedicatedtospecifyingprioritystandardsforinformationflows,namelyIEEE802.IPandIPV4TOSdomains.TheformerismoresuitableforswitchedEthernetenvironments,andIPV4servicetypedomainprioritystandardsaremainlyusedinwideareanetworks.

(3)Multicasttechnology

Innetworkapplications,especiallyinmultimediaapplications,Ethernetswitchesofteninvolvepoint-to-multipointcommunication.MulticasttechnologyistherealizationThecommonwayofpoint-to-multipointcommunication,thetraditionalpoint-to-multipointcommunicationmethod,notonlywastesbandwidth,butalsopronetodelayandcongestion,andevensomeuselessbroadcastmessages,whichhaveanegativeimpactonsystemperformance.Inmulticasttechnology,thesenderonlyneedstosendamessageonce,androutersandswitcheswillautomaticallycopythemessagetoeveryterminalthatreallywantstoreceivethemessage.Inthisway,thepoint-to-multipointtransmissionproblemiseffectivelysolved.Itshouldbenotedthattherealizationofnetworklayermulticastismorecomplicated,anddetailedanalysisofthethirdandsecondlayermulticastfunctionsisrequired,whichwillbeappliedTonetworktopologytechnologyandGMRPtechnology.GMRPtechnologyistheprerequisiteforimplementingmulticasttechnology.Ifyouwanttoimplementmulticastinseveralswitchingdomainsseparatedbyrouters,youneedtousethemulticastroutingprotocolandIGMP.Forexample,asthecoreswitchingnetwork,theLayer3switchsupportsGMRPandalsosupportsmulticastroutingprotocolandIGMP.

(4)Flowcontrol

FlowcontrolisakeytechnologyinEthernetswitches,whichcanavoidbufferoverflowanddatapacketloss.Introducingtheflowcontrolmechanism,theEthernetswitchcaneffectivelylimitthenetworkaccessmechanism,setanupperlimitonthebuffer,limitthesendingrateofthebuffer,andshutdownthesendingsourceforaperiodoftime.Forexample:inafull-duplexenvironment,anunusedsendingandreceivingchannelisconnectedbetweentheswitchportandtheterminal.Theexistenceofthischannelpreventstheswitchfromgeneratingaconflict.Ifyoustoptheterminalfromsending,theterminalwillkeepsendinguntilThebufferoftheswitchoverflowed.Usingtheflowcontrolmethod,aPAUSEframecanbegeneratedinafull-duplexenvironmentandsenttotheworkstation,sothattheswitchhasenoughtimetoreleasethebuffer.

Application

Ethernetswitchisthemostcommonapplication,thepriceisalsocheaper,andthegradeiscomplete.Therefore,theapplicationfieldisverywide,andtheycanbeseeninlargeandsmalllocalareanetworks.AnEthernetswitchusuallyhasseveraltodozensofports,whichisessentiallyamulti-portbridge.Inaddition,itsportratecanbedifferent,theworkingmodecanalsobedifferent,forexample,itcanprovide10M,100Mbandwidth,providehalf-duplex,full-duplex,adaptiveworkingmethods,etc.

Features

1.EachportoftheEthernetswitchisdirectlyconnectedtothehost,andgenerallyworksinfullduplexmode.

2.Theswitchcanconnecttomanypairsofportsatthesametime,sothateachpairofhoststhatcommunicatewitheachothercantransmitdatawithoutconflictasifitwereanexclusivecommunicationmedium.

3.Theusermonopolizesthebandwidthofthetransmissionmedia.Ifthebandwidthfromaninterfacetothehostis10Mbitpersecond,thenthetotalcapacityofaswitchwith10interfacesis100Mbitpersecond.Thisisthebiggestadvantageoftheswitch.

Workingprinciple

TheEthernetswitchworksonthesecondlayer(thedatalinklayer)oftheOSInetworkreferencemodel,whichisbasedonMAC(MediaAccessControl))AnetworkdevicethatrecognizesaddressesandcompletestheforwardingofEthernetdataframes.

Thesocketsusedtolinkcomputersorotherdevicesontheswitcharecalledports.Thecomputerisconnectedtotheportoftheswitchbymeansofanetworkcardthroughanetworkcable.Eachportofthenetworkcard,switchandrouterhasaMACaddress,whichisfixedintheEPROMofthedevicebythedevicemanufacturer.MACisallocatedbyIEEE,andeachMACaddressisgloballyunique.TheMACaddressisa48-bitbinary.Thefirst24bitsaretheidentifierofthedevicemanufacturer,andthelast24bitsaretheserialnumberassignedbythemanufacturer.

Theswitchacceptsthedataframesentbythecomputerontheport,looksuptheMACaddresstableaccordingtothedestinationMACaddressoftheframeheader,andthenforwardsthedataframefromthecorrespondingporttorealizedataexchange.

Theworkingprocessoftheswitchcanbesummarizedas"learning,memory,receiving,tablelookup,forwarding"andotheraspects:through"learning"youcanlearntheMACaddressofthedeviceconnectedtoeachport;ThecorrespondencerelationshipbetweentheMACaddressandtheportnumberis"memorized"inthememorytoproduceaMACaddresstable;afteradataframeis"received"fromaport,theMACaddresstableis"lookedup"intheMACaddresstablefortheportcorrespondingtothedestinationMACaddressintheframeheaderNumber,andthen"forward"thedataframefromthefoundport.

Theswitchdividestheconflictdomain,andeachportindependentlyformsaconflictdomain.Ifeachporthasalargeamountofdatatobesent,theportwillfirststorethereceiveddatawaitingtobesentintheregister,andthensenditoutwhenitistheturntosend.

Facingproblems

Asadatatransmissiondevice,theEthernetswitchisoneoftheimportantdevicesinthelocalareanetwork.Theinternalstructureportsareallconnectedtothehost,andmultipleportscanbeconnectedAtthesametime,datatransmissionisrealizedwithoutconflict.Inaddition,thecostofEthernetswitchesislowandcanmeettheactualneedsofdifferentlevels.Inthecontextofthebigdataera,thetechnologyofEthernetswitchescontinuestodevelopandexpandstoformmanycomplexservices.Inthisprocess,Ethernetswitchesalsofacemoreserioussecurityproblems,whichmainlyincludethefollowingaspects:first,broadcastmaliciousattacks;second,networkattacks;third,MACaddressattacks;fourth,MACmaliciousspoofing;Fifth,loopattack.Takebroadcastmaliciousattacksasanexample.Thenetworkisanopenplatform.Whentheswitchreceiveslarge-volumebroadcastdata,itwillforwardthesedataintheformofbroadcast.Ifthedatatransmissioncontrolfunctionisnotperfect,thenetworkbroadbandwillberubbish.Thedataisfull,theswitchneedstohavethetransmissioncontrolfunctionfacingthenumerousdata.

Forwardingmethod

1.Cut-throughswitching

2.Store-and-Forwardswitching

3.Segment-freeswitching

Straight-throughswitching,thatis,afterreceivingaframe,aslongastheswitchseesthedestinationMACaddressoftheframe,itwillimmediatelyusetheMACaddresstabletoreportthecorrespondingPortforwarding;theadvantageofthismethodisthatthespeedisfastandthetimerequiredforforwardingisshort,buttheproblemisthatsomeerroneousanduselessframesmaybeforwardedtothedestinationatthesametime.Thestore-and-forwardmechanismisthateachportoftheswitchisallocatedtoacertainbuffer(memoryspace,generally64k).Afterthedataenterstheswitch,thetargetMACaddressisread.AftertheforwardingrelationshipisknownbytheMACaddresstable,thedatawillbeItkeepsstoringinthebufferofthisportuntilthedatafillsupthebufferandthenforwardsallthedatatothedestinationatonce.Whilethedataisstoredinthebuffer,theswitchwillperformasimplevalidationonthedata.Ifthewrongdataisfoundatthistime,itwillnotbeforwardedtothedestination,butwillbedirectlydiscardedhere.Ofcourse,thismethodcanprovidebetterdataforwardingquality,buttherelativeforwardingtimewillbealittlelongerthanthatofdirectswitching.Fragmentisolationisalsocalledimprovedcut-throughswitching.Theadvantageofusingcut-throughisthattheforwardingdelayissmall,andthelengthofeachdataframeischeckedatthesametime.Becauseinprinciple,eachEthernetframecannotbelessthan64bytesandgreaterthan1518bytes.Iftheswitchdetectsframessmallerthan64bytesorlargerthan1518bytes,itwillconsidertheseframestobe"fragmentedframes"or"super-longframes",andthendiscardthembeforeforwardingthem.Thismethodcombinestheadvantagesofdirectswitchingandstore-and-forward,andmanyhigh-speedswitcheswilladoptit,butitdoesnothavethepopularityofstore-and-forward.

Eitherdirectforwardingorstore-forwardingisatwo-layerforwardingmethod,andtheirforwardingstrategiesarebasedonthedestinationMAC(DMAC).Thereisnodifferencebetweenthetwoforwardingmethodsatthispoint..Thethirdmethodismainlyamodificationofthefirst"directforwarding".

Thebiggestdifferencebetweenthemiswhentheydealwiththeforwarding,thatis,howtheswitchdealswiththerelationshipbetweenthereceivingprocessandtheforwardingprocessofthedatapacket.

Tento článek je ze sítě, nereprezentuje pozici této stanice. Uveďte prosím původ dotisku
HORNÍ